1*7c478bd9Sstevel@tonic-gate /* 2*7c478bd9Sstevel@tonic-gate * Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers. 3*7c478bd9Sstevel@tonic-gate * All rights reserved. 4*7c478bd9Sstevel@tonic-gate * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 5*7c478bd9Sstevel@tonic-gate * Copyright (c) 1988, 1993 6*7c478bd9Sstevel@tonic-gate * The Regents of the University of California. All rights reserved. 7*7c478bd9Sstevel@tonic-gate * 8*7c478bd9Sstevel@tonic-gate * By using this file, you agree to the terms and conditions set 9*7c478bd9Sstevel@tonic-gate * forth in the LICENSE file which can be found at the top level of 10*7c478bd9Sstevel@tonic-gate * the sendmail distribution. 11*7c478bd9Sstevel@tonic-gate * 12*7c478bd9Sstevel@tonic-gate * 13*7c478bd9Sstevel@tonic-gate * $Id: sendmail.h,v 8.68 2002/07/01 22:18:53 gshapiro Exp $ 14*7c478bd9Sstevel@tonic-gate */ 15*7c478bd9Sstevel@tonic-gate 16*7c478bd9Sstevel@tonic-gate /* 17*7c478bd9Sstevel@tonic-gate ** SENDMAIL.H -- Global definitions for sendmail. 18*7c478bd9Sstevel@tonic-gate */ 19*7c478bd9Sstevel@tonic-gate 20*7c478bd9Sstevel@tonic-gate #include <stdio.h> 21*7c478bd9Sstevel@tonic-gate #include <sm/bitops.h> 22*7c478bd9Sstevel@tonic-gate #include <sm/io.h> 23*7c478bd9Sstevel@tonic-gate #include <sm/string.h> 24*7c478bd9Sstevel@tonic-gate #include "conf.h" 25*7c478bd9Sstevel@tonic-gate 26*7c478bd9Sstevel@tonic-gate /********************************************************************** 27*7c478bd9Sstevel@tonic-gate ** Table sizes, etc.... 28*7c478bd9Sstevel@tonic-gate ** There shouldn't be much need to change these.... 29*7c478bd9Sstevel@tonic-gate **********************************************************************/ 30*7c478bd9Sstevel@tonic-gate #ifndef MAXMAILERS 31*7c478bd9Sstevel@tonic-gate # define MAXMAILERS 25 /* maximum mailers known to system */ 32*7c478bd9Sstevel@tonic-gate #endif /* ! MAXMAILERS */ 33*7c478bd9Sstevel@tonic-gate 34*7c478bd9Sstevel@tonic-gate /* 35*7c478bd9Sstevel@tonic-gate ** Flags passed to safefile/safedirpath. 36*7c478bd9Sstevel@tonic-gate */ 37*7c478bd9Sstevel@tonic-gate 38*7c478bd9Sstevel@tonic-gate #define SFF_ANYFILE 0L /* no special restrictions */ 39*7c478bd9Sstevel@tonic-gate #define SFF_MUSTOWN 0x00000001L /* user must own this file */ 40*7c478bd9Sstevel@tonic-gate #define SFF_NOSLINK 0x00000002L /* file cannot be a symbolic link */ 41*7c478bd9Sstevel@tonic-gate #define SFF_ROOTOK 0x00000004L /* ok for root to own this file */ 42*7c478bd9Sstevel@tonic-gate #define SFF_RUNASREALUID 0x00000008L /* if no ctladdr, run as real uid */ 43*7c478bd9Sstevel@tonic-gate #define SFF_NOPATHCHECK 0x00000010L /* don't bother checking dir path */ 44*7c478bd9Sstevel@tonic-gate #define SFF_SETUIDOK 0x00000020L /* set-user-ID files are ok */ 45*7c478bd9Sstevel@tonic-gate #define SFF_CREAT 0x00000040L /* ok to create file if necessary */ 46*7c478bd9Sstevel@tonic-gate #define SFF_REGONLY 0x00000080L /* regular files only */ 47*7c478bd9Sstevel@tonic-gate #define SFF_SAFEDIRPATH 0x00000100L /* no writable directories allowed */ 48*7c478bd9Sstevel@tonic-gate #define SFF_NOHLINK 0x00000200L /* file cannot have hard links */ 49*7c478bd9Sstevel@tonic-gate #define SFF_NOWLINK 0x00000400L /* links only in non-writable dirs */ 50*7c478bd9Sstevel@tonic-gate #define SFF_NOGWFILES 0x00000800L /* disallow world writable files */ 51*7c478bd9Sstevel@tonic-gate #define SFF_NOWWFILES 0x00001000L /* disallow group writable files */ 52*7c478bd9Sstevel@tonic-gate #define SFF_OPENASROOT 0x00002000L /* open as root instead of real user */ 53*7c478bd9Sstevel@tonic-gate #define SFF_NOLOCK 0x00004000L /* don't lock the file */ 54*7c478bd9Sstevel@tonic-gate #define SFF_NOGRFILES 0x00008000L /* disallow g readable files */ 55*7c478bd9Sstevel@tonic-gate #define SFF_NOWRFILES 0x00010000L /* disallow o readable files */ 56*7c478bd9Sstevel@tonic-gate #define SFF_NOTEXCL 0x00020000L /* creates don't need to be exclusive */ 57*7c478bd9Sstevel@tonic-gate #define SFF_EXECOK 0x00040000L /* executable files are ok (E_SM_ISEXEC) */ 58*7c478bd9Sstevel@tonic-gate #define SFF_NBLOCK 0x00080000L /* use a non-blocking lock */ 59*7c478bd9Sstevel@tonic-gate #define SFF_NORFILES (SFF_NOGRFILES|SFF_NOWRFILES) 60*7c478bd9Sstevel@tonic-gate 61*7c478bd9Sstevel@tonic-gate /* pseudo-flags */ 62*7c478bd9Sstevel@tonic-gate #define SFF_NOLINK (SFF_NOHLINK|SFF_NOSLINK) 63*7c478bd9Sstevel@tonic-gate 64*7c478bd9Sstevel@tonic-gate /* functions */ 65*7c478bd9Sstevel@tonic-gate extern int safefile __P((char *, UID_T, GID_T, char *, long, int, struct stat *)); 66*7c478bd9Sstevel@tonic-gate extern int safedirpath __P((char *, UID_T, GID_T, char *, long, int, int)); 67*7c478bd9Sstevel@tonic-gate extern int safeopen __P((char *, int, int, long)); 68*7c478bd9Sstevel@tonic-gate extern SM_FILE_T*safefopen __P((char *, int, int, long)); 69*7c478bd9Sstevel@tonic-gate extern int dfopen __P((char *, int, int, long)); 70*7c478bd9Sstevel@tonic-gate extern bool filechanged __P((char *, int, struct stat *)); 71*7c478bd9Sstevel@tonic-gate 72*7c478bd9Sstevel@tonic-gate /* 73*7c478bd9Sstevel@tonic-gate ** DontBlameSendmail options 74*7c478bd9Sstevel@tonic-gate ** 75*7c478bd9Sstevel@tonic-gate ** Hopefully nobody uses these. 76*7c478bd9Sstevel@tonic-gate */ 77*7c478bd9Sstevel@tonic-gate 78*7c478bd9Sstevel@tonic-gate #define DBS_SAFE 0 79*7c478bd9Sstevel@tonic-gate #define DBS_ASSUMESAFECHOWN 1 80*7c478bd9Sstevel@tonic-gate #define DBS_GROUPWRITABLEDIRPATHSAFE 2 81*7c478bd9Sstevel@tonic-gate #define DBS_GROUPWRITABLEFORWARDFILESAFE 3 82*7c478bd9Sstevel@tonic-gate #define DBS_GROUPWRITABLEINCLUDEFILESAFE 4 83*7c478bd9Sstevel@tonic-gate #define DBS_GROUPWRITABLEALIASFILE 5 84*7c478bd9Sstevel@tonic-gate #define DBS_WORLDWRITABLEALIASFILE 6 85*7c478bd9Sstevel@tonic-gate #define DBS_FORWARDFILEINUNSAFEDIRPATH 7 86*7c478bd9Sstevel@tonic-gate #define DBS_MAPINUNSAFEDIRPATH 8 87*7c478bd9Sstevel@tonic-gate #define DBS_LINKEDALIASFILEINWRITABLEDIR 9 88*7c478bd9Sstevel@tonic-gate #define DBS_LINKEDCLASSFILEINWRITABLEDIR 10 89*7c478bd9Sstevel@tonic-gate #define DBS_LINKEDFORWARDFILEINWRITABLEDIR 11 90*7c478bd9Sstevel@tonic-gate #define DBS_LINKEDINCLUDEFILEINWRITABLEDIR 12 91*7c478bd9Sstevel@tonic-gate #define DBS_LINKEDMAPINWRITABLEDIR 13 92*7c478bd9Sstevel@tonic-gate #define DBS_LINKEDSERVICESWITCHFILEINWRITABLEDIR 14 93*7c478bd9Sstevel@tonic-gate #define DBS_FILEDELIVERYTOHARDLINK 15 94*7c478bd9Sstevel@tonic-gate #define DBS_FILEDELIVERYTOSYMLINK 16 95*7c478bd9Sstevel@tonic-gate #define DBS_WRITEMAPTOHARDLINK 17 96*7c478bd9Sstevel@tonic-gate #define DBS_WRITEMAPTOSYMLINK 18 97*7c478bd9Sstevel@tonic-gate #define DBS_WRITESTATSTOHARDLINK 19 98*7c478bd9Sstevel@tonic-gate #define DBS_WRITESTATSTOSYMLINK 20 99*7c478bd9Sstevel@tonic-gate #define DBS_FORWARDFILEINGROUPWRITABLEDIRPATH 21 100*7c478bd9Sstevel@tonic-gate #define DBS_INCLUDEFILEINGROUPWRITABLEDIRPATH 22 101*7c478bd9Sstevel@tonic-gate #define DBS_CLASSFILEINUNSAFEDIRPATH 23 102*7c478bd9Sstevel@tonic-gate #define DBS_ERRORHEADERINUNSAFEDIRPATH 24 103*7c478bd9Sstevel@tonic-gate #define DBS_HELPFILEINUNSAFEDIRPATH 25 104*7c478bd9Sstevel@tonic-gate #define DBS_FORWARDFILEINUNSAFEDIRPATHSAFE 26 105*7c478bd9Sstevel@tonic-gate #define DBS_INCLUDEFILEINUNSAFEDIRPATHSAFE 27 106*7c478bd9Sstevel@tonic-gate #define DBS_RUNPROGRAMINUNSAFEDIRPATH 28 107*7c478bd9Sstevel@tonic-gate #define DBS_RUNWRITABLEPROGRAM 29 108*7c478bd9Sstevel@tonic-gate #define DBS_INCLUDEFILEINUNSAFEDIRPATH 30 109*7c478bd9Sstevel@tonic-gate #define DBS_NONROOTSAFEADDR 31 110*7c478bd9Sstevel@tonic-gate #define DBS_TRUSTSTICKYBIT 32 111*7c478bd9Sstevel@tonic-gate #define DBS_DONTWARNFORWARDFILEINUNSAFEDIRPATH 33 112*7c478bd9Sstevel@tonic-gate #define DBS_INSUFFICIENTENTROPY 34 113*7c478bd9Sstevel@tonic-gate #define DBS_GROUPREADABLESASLDBFILE 35 114*7c478bd9Sstevel@tonic-gate #define DBS_GROUPWRITABLESASLDBFILE 36 115*7c478bd9Sstevel@tonic-gate #define DBS_GROUPWRITABLEFORWARDFILE 37 116*7c478bd9Sstevel@tonic-gate #define DBS_GROUPWRITABLEINCLUDEFILE 38 117*7c478bd9Sstevel@tonic-gate #define DBS_WORLDWRITABLEFORWARDFILE 39 118*7c478bd9Sstevel@tonic-gate #define DBS_WORLDWRITABLEINCLUDEFILE 40 119*7c478bd9Sstevel@tonic-gate #define DBS_GROUPREADABLEKEYFILE 41 120*7c478bd9Sstevel@tonic-gate #if _FFR_GROUPREADABLEAUTHINFOFILE 121*7c478bd9Sstevel@tonic-gate # define DBS_GROUPREADABLEAUTHINFOFILE 42 122*7c478bd9Sstevel@tonic-gate #endif /* _FFR_GROUPREADABLEAUTHINFOFILE */ 123*7c478bd9Sstevel@tonic-gate 124*7c478bd9Sstevel@tonic-gate /* struct defining such things */ 125*7c478bd9Sstevel@tonic-gate struct dbsval 126*7c478bd9Sstevel@tonic-gate { 127*7c478bd9Sstevel@tonic-gate char *dbs_name; /* name of DontBlameSendmail flag */ 128*7c478bd9Sstevel@tonic-gate unsigned char dbs_flag; /* numeric level */ 129*7c478bd9Sstevel@tonic-gate }; 130*7c478bd9Sstevel@tonic-gate 131*7c478bd9Sstevel@tonic-gate /* Flags for submitmode */ 132*7c478bd9Sstevel@tonic-gate #define SUBMIT_UNKNOWN 0x0000 /* unknown agent type */ 133*7c478bd9Sstevel@tonic-gate #define SUBMIT_MTA 0x0001 /* act like a message transfer agent */ 134*7c478bd9Sstevel@tonic-gate #define SUBMIT_MSA 0x0002 /* act like a message submission agent */ 135*7c478bd9Sstevel@tonic-gate 136